More than half of the cybersecurity workforce is in the 35-54 demographic, according to research by CompTIA. Pictured: Employees with tech startup company Fast play a game of ping pong on the first day back in the office on March 24, 2021, in San Francisco. (Photo by Justin Sullivan/Getty Images)

New research from CompTIA on the tech workforce found that 52% of those who work in cybersecurity are in the 35-54 age demographic, and only 30% of the cyber workforce is in the 19-34 age group. The research raises the question as to whether the industry could do more to attract young people.

CompTIA’s numbers also point out the cyber industry will need to attract young people, as tech employment overall is expected to double in the next decade, with demand for data scientists growing at 268% and demand for cybersecurity jobs expanding by 253%.

The numbers are staggering and emphasize the wealth of career opportunities ahead for cybersecurity professionals as security has become a focal point of global business, said Elena Kvochko, chief trust officer at SAP. However, Kvochko said there’s a systemic hiring and retention problem within the cybersecurity industry that must be addressed globally to ensure that the growing number of positions can be filled.  

Kvochko pointed out that SAP has created university partnerships to develop early talent. Kvochko said SAP recently opened unlimited positions all-year-round in SAP’s chief trust office to encourage individuals in every major U.S. city to explore careers in security.

“For the cybersecurity industry, staying ahead of the ever-evolving threat landscape begins with considering problems or the status quo from a different perspective, which is why recruiting diverse talent should be a business imperative,” Kvochko said. “By building pipelines of top-tier talent in partnership with historically Black colleges and universities, SAP has embarked on a mission to expand the pool of qualified candidates in the industry to develop diverse workforces who are designed to innovate.”  

Steve Garrison, vice president of marketing at Stellar Cyber, added that addressing the longstanding cybersecurity workforce talent gap requires a partnership between educators, employers and solution providers.

“Partnering with skills development programs to provide cybersecurity platforms where students can gain real-world experience by managing security for publicly funded organizations can offers skills enhancement training for existing security analysts at enterprises and service providers, as well as a comprehensive education for students who want to make careers in cybersecurity,” Garrison said.

Alyssa Carr, director of human resources at GRIMM, said tech companies need to get creative in how they drive talent to the industry, especially given the historical lack of diversity in tech. For example, Carr asks: How well are companies engaging with students before they graduate high school? Are companies structured in a way that can support on-the-job training for individuals who may not have had formal education in the industry? How are we meeting the workforce where they are in the post-COVID landscape that demands more flexibility and remote work?

“Our industry cannot grow if we rely solely on the ‘traditional’ methods that have worked in the past,” Carr said.